Vulnerability-Lookup

CNVD-2022-11499

Vulnerability from cnvd - Published: 2022-02-18

Title

Talkyard代码问题漏洞

Description

Talkyard是开源的一个结构化的讨论平台，汇集了StackOverflow、Slack、Discourse、Reddit/HackerNews和Disqus博客评论的主要功能。 Talkyard存在代码问题漏洞，攻击者可利用该漏洞在注销时重用管理员仍然有效的会话令牌，以获得管理员特权。

Severity

高

Patch Name

Talkyard代码问题漏洞的补丁

Patch Description

Talkyard是开源的一个结构化的讨论平台，汇集了StackOverflow、Slack、Discourse、Reddit/HackerNews和Disqus博客评论的主要功能。 Talkyard存在代码问题漏洞，攻击者可利用该漏洞在注销时重用管理员仍然有效的会话令牌，以获得管理员特权。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981

Reference

https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34

Impacted products

Name
['Talkyard Talkyard >=0.2021.20，<=0.2021.33', 'Talkyard Talkyard >=0.2021.20，<=0.2021.34']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-25981"
    }
  },
  "description": "Talkyard\u662f\u5f00\u6e90\u7684\u4e00\u4e2a\u7ed3\u6784\u5316\u7684\u8ba8\u8bba\u5e73\u53f0\uff0c\u6c47\u96c6\u4e86StackOverflow\u3001Slack\u3001Discourse\u3001Reddit/HackerNews\u548cDisqus\u535a\u5ba2\u8bc4\u8bba\u7684\u4e3b\u8981\u529f\u80fd\u3002\n\nTalkyard\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6ce8\u9500\u65f6\u91cd\u7528\u7ba1\u7406\u5458\u4ecd\u7136\u6709\u6548\u7684\u4f1a\u8bdd\u4ee4\u724c\uff0c\u4ee5\u83b7\u5f97\u7ba1\u7406\u5458\u7279\u6743\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2022-11499",
  "openTime": "2022-02-18",
  "patchDescription": "Talkyard\u662f\u5f00\u6e90\u7684\u4e00\u4e2a\u7ed3\u6784\u5316\u7684\u8ba8\u8bba\u5e73\u53f0\uff0c\u6c47\u96c6\u4e86StackOverflow\u3001Slack\u3001Discourse\u3001Reddit/HackerNews\u548cDisqus\u535a\u5ba2\u8bc4\u8bba\u7684\u4e3b\u8981\u529f\u80fd\u3002\r\n\r\nTalkyard\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u6ce8\u9500\u65f6\u91cd\u7528\u7ba1\u7406\u5458\u4ecd\u7136\u6709\u6548\u7684\u4f1a\u8bdd\u4ee4\u724c\uff0c\u4ee5\u83b7\u5f97\u7ba1\u7406\u5458\u7279\u6743\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Talkyard\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Talkyard Talkyard \u003e=0.2021.20\uff0c\u003c=0.2021.33",
      "Talkyard Talkyard \u003e=0.2021.20\uff0c\u003c=0.2021.34"
    ]
  },
  "referenceLink": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34",
  "serverity": "\u9ad8",
  "submitTime": "2022-01-05",
  "title": "Talkyard\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}

CVE-2021-25981 (GCVE-0-2021-25981)

Vulnerability from cvelistv5 – Published: 2022-01-03 06:35 – Updated: 2024-08-03 20:19

Title

Talkyard - Insufficient Session Expiration

Summary

In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin’s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)

Severity ?

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-613 - Insufficient Session Expiration

Assigner

Mend

References

URL

Tags

	https://github.com/debiki/talkyard/commit/b0310df…	x_refsource_MISC
	https://github.com/debiki/talkyard/commit/b071291…	x_refsource_MISC
	https://www.whitesourcesoftware.com/vulnerability…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	debiki	talkyard	Affected: v0.2021.20 , < unspecified (custom) Affected: unspecified , ≤ v0.2021.34 (custom)

Credits

WhiteSource Vulnerability Research Team (WVR)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:19:19.390Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "talkyard",
          "vendor": "debiki",
          "versions": [
            {
              "lessThan": "unspecified",
              "status": "affected",
              "version": "v0.2021.20",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "v0.2021.34",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "WhiteSource Vulnerability Research Team (WVR)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin\u2019s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-613",
              "description": "CWE-613 Insufficient Session Expiration",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-01-03T06:35:10.000Z",
        "orgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
        "shortName": "Mend"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to version v0.2021.35"
        }
      ],
      "source": {
        "advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
        "discovery": "UNKNOWN"
      },
      "title": "Talkyard - Insufficient Session Expiration",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "vulnerabilitylab@whitesourcesoftware.com",
          "ID": "CVE-2021-25981",
          "STATE": "PUBLIC",
          "TITLE": "Talkyard - Insufficient Session Expiration"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "talkyard",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003e=",
                            "version_value": "v0.2021.20"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "v0.2021.34"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "debiki"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "WhiteSource Vulnerability Research Team (WVR)"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Talkyard, regular versions v0.2021.20 through v0.2021.33 and dev versions v0.2021.20 through v0.2021.34, are vulnerable to Insufficient Session Expiration. This may allow an attacker to reuse the admin\u2019s still-valid session token even when logged-out, to gain admin privileges, given the attacker is able to obtain that token (via other, hypothetical attacks)"
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-613 Insufficient Session Expiration"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34",
              "refsource": "MISC",
              "url": "https://github.com/debiki/talkyard/commit/b0310df019887f3464895529c773bc7d85ddcf34"
            },
            {
              "name": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761",
              "refsource": "MISC",
              "url": "https://github.com/debiki/talkyard/commit/b0712915d8a22a20b09a129924e8a29c25ae5761"
            },
            {
              "name": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981",
              "refsource": "MISC",
              "url": "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25981"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade to version v0.2021.35"
          }
        ],
        "source": {
          "advisory": "https://www.whitesourcesoftware.com/vulnerability-database/",
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "478c68dd-22c1-4a41-97cd-654224dfacff",
    "assignerShortName": "Mend",
    "cveId": "CVE-2021-25981",
    "datePublished": "2022-01-03T06:35:10.000Z",
    "dateReserved": "2021-01-22T00:00:00.000Z",
    "dateUpdated": "2024-08-03T20:19:19.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2022-11499

CVE-2021-25981 (GCVE-0-2021-25981)

Tags

Sightings

Nomenclature